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[57] ABSTRACT 

A portable storage medium is used to store data and provide 
access to information from an information dissemination 
system (IDS). The storage medium can store one or more 
location/key pairs. Each of the location/key pairs designates 
a particular IDS location as well as an access key to the 
particular IDS location. The storage medium can also store 
a plurality of information units. The information units are 
categorized into levels of information categories with at 
least one information category per level and at least one 
information unit per information category. Levels of infor- 
mation categories can be individually accessed and catego- 
ries of information units within levels can be selectively 
downloaded. 

13 Claims, 6 Drawing Sheets 
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FIG. 5 
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SECURE AND CONVENIENT INFORMATION a need remains for a means to selectively, securely, and 

STORAGE AND RETRIEVAL METHOD AND conveniently disseminate information. 

APPARATUS 



SUMMARY OF THE INVENTION *XO^ A^fc^ 

A portable storage me dium is u se d to store data and^ ( — % ^ _ A 
provide acces^lo^inlowaK aissemi^" T^JwA V i\ V*' 



BACKGROUND OF THE INVENTION 

1. Field of the Invention _ 

The present invention pertains to the field of information TnrrTon system (IDS). The storage medium can store one or 

systems. More particularly, this invention relates to the art of Jiioie Iuuiiuii/key> pairs. Each of the location/key pairs 

selectively, securely, and conveniently disseminating infer- 30 designates a particular IDS location as well as an access key 

mal j on to the particular IDS location. 

2 Background stora g e medium can also store a plurality of infor- 

_ . ■ « i- r i mation units. The information units are categorized into 

Every time a person goes to the doctor, applies for a loan, . . r . r . . . ... , . . • f 

/ ? , . , L tL levels of information categories with at least one lnforma- 

or makes a credit card purchase over the telephone, the . t . . f> # , . c 

. . Jt v. . , . e \. tion category per level and at least one information unit per 

person is required to provide certain personal information. 15 . <. .. . T t r ■ r *■ * ■ 

f„ ^ . / n i-i i i r . . » l information category. Levels of information categories can 

hoz instance, a doctor will likely ask if a patient has . c - c 

. . . . ; ' . 5 j ■ * be mdividually accessed and categories of information units 

insurance and may inquire about the patient s medical . . , ' . . . . j . . , 

A . ,. . . .. , • within levels can be selectively downloaded. 

history. A lending institution will likely require an applicant ' 

to provide any and all information related to the applicant's BRIEF DESCRIPTION OF THE DRAWINGS 

ability to make payments. Normally, providing the requested 20 

personal information involves completing at least one, and Examples of the present invention are illustrated in the 

often several, forms, documents, and questionnaires either accompanying drawings. The accompanying drawings, 

by hand or by verbally relaying the information. Even a however, do not limit the scope of the present invention 

relatively simple transaction like a credit card purchase over whatsoever. Like references in the drawings indicate similar 

the telephone will likely require the purchaser to provide his 25 elements, 

or her name, address, and telephone number in addition to * fig. \ illustrates one embodiment of an information 

his or her credit card number. dissemination system incorporating a smart card; 

In recent years, banks, telephone companies, and health FIG. 2 illustrates one embodiment of information catego- 

care providers have started marketing "smart cards" in an ^ anc j information units stored on a smart card; 

attempt to improve security and accuracy as well as conve- nG 3 illustrates one embodiment of a smart card storing 

nience. A smart card is generally a small electronic devtce a oumber of location/key pairSj each of which designate a 

about the size of a credit card that contains n re-wntahlfi particular network location; 

memory and possibly additional integrated circuitry. Banks . . n , r , t c 

1 / • u 1 . a — . a „ „ . FIG. 4 illustrates the process of one embodiment ot an 

have typically marketed smart cards as secure cash • 

* t u ■ j _i a u 1 c ,35 information dissemination system incorporating a smart 

replacements, wherein a user downloads a balance of money j r t> 

into the card's memory. The user can make purchases, from car ' 

anyone who has a smart card reader, by debiting the balance FIG- 5 illustrates one embodiment of a process to manage 

stored in the card's memory. The card is more secure than the contents of a smart card; and 

cash because the cash balance cannot be accessed without FIG. 6 illustrates one embodiment of a hardware system 

providing asgcjitil^ucode. When the balance runs low, the 40 capable of performing the processes of FIGS. 4 and 5. 
user has tneoption to download more money to the card. 

™, . t . . . ■ -i f K - a DETAILED DESCRIPTION 
Ielephone smart cards work in a similar fashion. I ne card 

is credited with a certain dollar amount or telephone time. A In the following detailed description, numerous specific 

smart card reader can be integrated into the telephone and 45 details are set forth in order to provide a thorough under- 

the balance on the card can be debited for each call made. standing of the present invention. However, it will be 

In the health care industry, smart cards have been used to understood by those skilled in the art that the present 

store the medical history of the card holder. For instance, a invention may be practiced without these specific details and 

number of European socialized health care systems provide that the present invention may be practiced in a variety of 

medical history smart cards. Using a smart card reader, a 50 alternate embodiments. In other instances well known 

health care provider is able to read and add to a patient's methods, procedures, components, and circuits have not 

medical history as the patient is being examined. been described in detail. 

Smart cards have also been used to increase computer FIG. 1 illustrates one embodiment of an apparatus used to 

security. Generally, when a computer is remotely accessed securely and conveniently disseminate selected information, 

over an insecure network, password keystrokes are vulncr- 55 The apparatus includes an information dissemination system 

able to detection. With a smar t card, howe ver, a compute r (IDS) 140. IDS 140 represents a wide range of information 
password can be encrypted and storea in tne card J s memory^ disseminating systems, such as a web server on the internet 

^Th^rTrfr^m s flny^m^^ p fT"' na1 thai ha<i a KmAfi_fiaigLcaa<W/ or a local server in a local area network. 

access to a central computer can be establishecLu sing an IDS 140 is coupled to an information seeking system 

encrypted I pa ssword^ 60 (ISS) 130. ISS 130 can be used by any entity seeking to 

Even with these innovations, the versatility of the smart access information. JgS 130 represents a wide ran&e_ of 

card has yet to be fully realized. In the information age, systems, includ ing pel^ohalx0f5puters T cash registers, and 

protecting and selectively disseminating all types of infer- p ublic telephones^ ISS ljQ is coupled to card reader 110. In 

mation is of increasing importance. As information becomes one embodiment, card reader 110 is integrated into ISS 130. 

more readily available, and more frequently required in 65 Alternately, card reader 110 is external to ISS 130. In either 

order to carry on daily activities, convenient dissemination case, card reader 110 is used to interface with smart card 

of information Is also of increasing importance. Therefore, 120. 
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IDS 140 is coupled to ISS 130 through medium 135. one embodiment of how information can be stored and 

Medium 135 is intended to represent a wide range of organized in smart card 120. As shown, a number of 

communications media, such as local area networks, public information units have been stored on the smart card. The 

switched telephone networks (PSTN), and the internet. information units include the user's name 205, electronic 

In one embodiment, smart card 120 is about the size and 5 signature 215, home address 225, unlisted phone number 

shape of a regular credit card. Like a credit card, smart card 235, and credit card number 245, as well as two location key- 

120 is easy to carry and convenient to use. Unlike a credit pairs 255 and 265. The card could also store the user's 

card, however, smart card 120 contains a storage medium business address, other telephone numbers, additional credit 

(not shown), which can hold a variety o f information, such card numbers, separate electronic signatures to authorize the 

as a user's name and address, a currency balance, amTa 1Q use of credit cards and conduct other transactions, driver's 

lv% ""telephone tune balance. Among tne items of information license number, social security number, spouse's name, 

*J\i smart card i^u can Store is a location/key pair. A location/ health insurance number and provider information, medical 

il (0 P ^ey P a * r ' ^ dis 01155 ^ * n detail below, designates the location history, current cash balance, current balance of telephone 

/ / of IDS 140 and supplies the authentication information time, one or more encrypted computer system remote 

J necessary to gain access to IDS 14 0. 15 passwords, and any other information the user may want to 

'j/ > " L/ Disseminating lnlormation is especially convenient using disseminate or access. The list of possibilities is virtually 

smart card 120. For instance, to apply for a bank loan, an endless. 

applicant is normally required to manually complete a large A number of information categories have also been stored 

number of loan documents. Assuming the bank has an ISS on the smart card. As shown, the information categories 

130, however, a smart card user can download a subset of the 2 q include personal information 210, business information 220, 

requested information from smart card 120 directly to the credit information 230, medical information 240, and 

bank. The card user can also grant the bank access to the resume information 250. Additional categories could include 

remainder of the requested information using location/key consumer information, insurance information, family 

pairs stored on smart card 120. For example, information information, and any other category that a user may need to 

downloaded directly from the card may include the appli- 2 $ g rou P information units together. Again, the possibilities are 

cant's name, address, employer, and a location/key pair. The virtually limitless. Each information category links together 

location/key pair may designate the uniform resource locator one or more information units. A single information unit can 

(URL) of IDS 140 which is, for example, a web site operated be linked into multiple categories. For instance, the user's 

by the card user's employer. The access key part of the name 205 has been linked into all of the information 

location/key pair may provide a user identifier (ID) and a 30 categories shown in FIG. 2. 

password to access the card user's employment file located As an example, continuing the bank loan example from 
at the web site. The bank's ISS 130 then has the option to go above, the loan applicant can select one or more information 
to the web site, provide the user ID and password, and verify categories to download in addition to, or rather than, select - 
the user's employment as well as download salary in forma- ing individual information units. By selecting an informa- 
tion. 35 tion category, all the information units linked into the 

In addition to convenience, smart card 120 also provides category are downloaded, 

security. Access to the information stored on the card can be Information units can also be categorized into individu- 

limited by any number of security measures. For example, ally accessible levels of information categories and infor- 

smart card 120 could include security access logic (not mation units. Rather than granting access to all of the 

shown) in addition to an encrypted personal identification . 4 q information on the card with one access code, a user can 

number (P IN) and/or biometric code stored in the storage access different levels of information with different access 

medium on the card using puonc Key cryptography. Then, in codes. Access to a table of contents, like that shown in FIG. 

order to access the card, a user would have to provide a PIN 2, may be obtained with one PIN, Then, access to highly 
to ISS 130 and/or undergo a biometric scan or procedure . sensitive information listed in the table may require addi- 

such as a retina scan, a finger print scan, voice print 45 tional access authority based on, for example, a retina scan, 

- recognition, or anatomy recognition such as face or hand For instance, making a large purchase may require a finger 

UllA-s ( C reco S mt i° n ^ ISS 130 would, in turn, provide the PIN or print scan in addition to face recognition and a second PIN. 

MrYt^biometric datl^the access logic on smart card 120 through A small purchase may only require face recognition. 

U-^OD card reader 110 for verification. The access logic would Similarly, downloading medical records may require voice 

^ compare the provided PIN or biometric data to the encrypted 50 print analysis. Individually accessible levels of information 

PIN or biometric code and grant or deny access based on the can be particularly useful where a card user hands his or her 

comparison. No information, including the encrypted PIN or card over to, for example, a fife insurance agent. The card 

biometric code, would be read from smart card 120 until user may not wish to disclose certain aspects of his or her 

access was authorized. medical history to the insurance agent but may want to keep 

Photo identification could provide additional security. The 55 the information available for his or her doctor. By protecting 

card could automatically download an image of the autho- certain categories or sub-categories of information with a 

rized user to ISS 130, after the PIN and/or biometric code higher level of security, the card user can be assured that the 

has been verified. For instance, continuing the bank loan insurance agent is not downloading sensitive information 

example from above, assuming the bank's ISS 130 includes while the card is out of the user's hands, 

a display device, ISS 130 could display the image of the 60 Location/key pairs provide an additional degree of 

authorized user for identification by bank personnel prior to convenience, and greatly expand the amount of information 

allowing access to information stored on the card|That is, a user can disseminate. A location/key pair can be linked into 

rather than depend on a photo physically affixed to the card an information category just like any other information unit, 

where it is subject to tampering, an image could be Location/key pairs are particularly useful for disseminating 

encrypted and stored on the card in the storage medium. as information that changes frequently, is too voluminous to be 

Smart card 120 also allows a user to conveniently select stored on the card, or information that needs to be verified 

the information to disseminate. For example, FIG. 2 shows or authenticated by an independent source. 



12/04/2003, EAST version: 1.4.1 



6,044, 

5 

FIG. 3 illustrates a number of location/key pairs stored on 
smart card 120. As shown, a number of IDS 140 locations 
are designated including the user's home personal computer 
310, work computer 320, credit report service 330, and 
health care provider's computer 340. Additional locations 5 
could include former employers, previous landlords, educa- 
tional institutions attended, and government agencies such 
as the Department Motor Vehicles and the Internal Revenue 
Service. The location can take many forms including a 
uniform resource locator (URL), an internet protocol (IP) 10 
address, or a direct dial telephone number. Various forms of 
information can be stored at each location such as a credit 
report, a medical archive, and tax records. 

The form of the access key for each location depends on 
the desired level of security. For instance, if the designated 15 
location is the user's web page, access is likely to be open 
to tbe public and no access key will be needed. If, on the 
other hand, the designated location is the user's credit report 
service 330 or health care provider 340, an access key will 
likely be required. Where an access key is required, the 20 
entity seeking access must present the key at the designated 
location in order to gain access to the desired information. 
For example, the access key may be a user ID and accom- 
panying password, a digital certificate or signature such as 
those used in public key cryptography, or any other infor- 25 
mation to establish access authority. 

Access to information can be limited to a specific location 
and to the extent that the corresponding access key grants 
authority. For instance, a location may designate one speci- 
fied directory or file on a particular hard drive. The rest of 30 
the hard drive can be protected by a fire wall. Within the 
specified location, an access key may grant one of many 
levels of access. For instance, a web site may have public 
areas and secure areas, or even levels of secure areas. 

35 

Depending on the level of the access key used to enter the 
web site, different levels of information will be available. 

Any number of access key security measures can be 
employed. For example, the access key could be encrypted 
so that it can only be used and not read or copied by the ^ 
entity seeking access. The access key could also be time 
limited for use within a certain number of minutes or days 
after being downloaded, or it could be valid for only a 
limited number of accesses. 

Using public key cryptography, for instance, an access 45 
key could be dynamically created or modified depending on 
who is the recipient of the key. When a location/key pair is 
downloaded, a user interface on ISS 130 could prompt the 
user to either use a default access key or define a unique 
access key. In which case, a user could selectively set a - 50 
time-out parameter for the access key to be revoked after a 
particular amount of time. Dynamically created access keys 
can have additional uses, such as varying the number of 
authorized accesses or the level of access within a location. 

Additional location/key pairs may be embedded within a 55 
location so that categories of information are connected in 
chains of locations. For instance, in the bank loan example 
from above, a location/key pair may provide access to a file 
on the user's home computer over a modem connection. The 
file may provide a list of former employers. The list could go 
include embedded location/key pairs to grant access to 
employment records on each employers' computer system 
so that the entity accessing the list could authenticate the 
contents of the list 

The availability of embedded location/key pairs could 65 
also depend on the access key used to access the original 
location. For instance, as discussed above, a web site may 
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have levels of secure areas. Depending on the level of the 
access key used to enter the web site, different choices of 
embedded location/key pairs may be available. 

FIG. 4 illustrates one embodiment of an information 
dissemination method using the apparatus of FIG. 1. First, 
smart card 120 is inserted into card reader 110 in block 410. 
Then, ISS 130 can interface with the card through card 
reader 110. In block 420, authority to access smart card 120 
is verified. As discussed above, the card user may have to 
provide a PIN or undergo a bio me trie scan to gain access. 
Then, in block 430, the user can select categories of infor- 
mation units and/or individual information units to down- 
load to ISS 130. For instance, in one embodiment, ISS 130 
includes a display device. A table, like that shown in FIG. 2, 
can be downloaded from smart card 120 to ISS 130 and 
displayed. Then, information can be selected, for example, 
using a pointing device like a mouse, a number pad, or voice 
input to designate the titles of information categories and 
information units. 

Once the information is downloaded, smart card 120 is 
ejected from card reader 110 in block 440. If the downloaded 
information includes one or more location/key pairs, in 
block 450, ISS 130 has the option, in block 460, to establish 
a connection with the location of IDS 140. The location can 
then be accessed using the corresponding access key in 
block 470. In block 480, the process can be repeated until no 
location/key pairs remain. 

In addition to disseminating selected information, a smart 
card can be used and configured to store selected informa- 
tion. The storage medium on the card is re-writable so the 
card user can download information to the card, as well as 
delete, modify, and organize information stored on the card. 
FIG. 5 illustrates one embodiment of a process to perform 
these additional functions. 

First, in block 510, the user inserts smart card 120 in card 
reader 110. After the user verifies access authority for the 
card in block 520, the user can activate a card editor process 
using ISS 130, in block 530. The card editor can be a 
software application stored on ISS 130 or on the card itself, 
or the card may include integrated circuitry to perform the 
card editor function, wherein tbe user interface is provided 
by ISS 130. In any case, with the card editor, the user can 
add new information categories and information units in 
block 540 by manually typing information with a text editor, 
or other application, and downloading it to the storage 
medium, by downloading information from a disk drive 
coupled to ISS 130, by downloading information from a 
location in IDS 140 through ISS 130, or by any other means. 
In one embodiment, for each item that is downloaded to the 
card, the user will be prompted for an identifying label. Each 
label will be added to the table shown in FIG. 2. 

In block 550, the card editor can also be used to edit or 
delete information already stored on the card. In one 
embodiment, the table of FIG. 2 can be downloaded from the 
card to ISS 130, and individual information units and labels 
for information units and categories can be selected, down- 
loaded to ISS 130, edited, and returned to the card. The card 
editor, in block 560, can then be used to organize the 
information by linking information units into information 
categories. For example, grid entries in FIG. 2 can be 
toggled yes/no in order to link an information unit into a 
category or remove it from a category. When the editing is 
complete, the card can be ejected in block 570. 

Using the procedure of FIG. 5, a user may customize the 
card contents by creating variations on information units. 
For instance, a user may link an abbreviated or commonly 
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used name into a personal or family information category, 
and link a full or formal name into a business or credit 
information category. 

A user may also create information sub-categories, or 
variations on information categories. For instance, within a 
personal information category, a card user may distinguish 
among good friends and new acquaintances, wherein an 
unlisted home telephone number is linked into a good friend 
category but not into a new acquaintance category. Using 
sub -categories, different levels of categorized information 
can be selectively disseminated. 

Any number of hardware systems can be used to perform 
the functions of ISS 130. For example, ISS 130 may be 
represented by a broad category of computer systems known 
in the art, such as a computer system equipped with a high 
performance microprocessor(s), such as the Pentium® 
processor, Pentium® Pro processor, or Pentium® II proces- 
sor manufactured by and commonly available from Intel 
Corporation of Santa Clara, Calif., or the Alpha® processor 
manufactured by Digital Equipment Corporation of 
Maynard, Mass. Certain implementations such as cash reg- 
isters and telephones may rely on processors with relatively 
low levels of functionality such as a digital signal processor 
(DSP). 

FIG. 6 illustrates one embodiment of a suitable hardware 
system. In the illustrated embodiment, the hardware system 
includes microprocessor 610 coupled to high speed bus 605, 
which is coupled to input/output (I/O) bus 615 through bus 
bridge 630. Temporary memory 620 is coupled to bus 605. 
Permanent memory 640 is coupled to bus 615. Display 
device 670 and keyboard 680 are also coupled to bus 615. 
Communications interface 650 and general purpose 1/0 660 
are also coupled to bus 615. Communications interface 650 
couples the system to IDS 140, and general purpose 1/0 660 
couples the system to card reader 110. 

Certain embodiments may include additional 
components, may not require all of the above components, 
or may combine one or more components. For instance, 
temporary memory 620 may be on-chip with microprocessor 
610. Alternatively, permanent memory 640 may be elimi- 
nated and temporary memory 620 may be replaced with an 
electrically erasable programmable read only memory 
(EEPROM), wherein software routines are executed in place 
from the EEPROM. Likewise, keyboard 680 may be 
replaced with a simple number pad when, for instance, ISS 
130 is integrated into a telephone. Some implementations 
may employ a single bus to which all of the components are 
coupled. Additional components may be included in the 
hardware system, such as additional processors, storage 
devices like a CD ROM, memories, and other peripheral 
components known in the art. 

In one embodiment, ISS 130 as discussed above is imple- 
mented as a series of software routines run by the hardware 
system of FIG. 6. These software routines comprise a 
plurality or series of instructions to be executed by a 
microprocessor in a hardware system, such as microproces- 
sor 610 of FIG. 6. Initially, the instructions can be stored on 
a storage device, such as permanent memory 640. It is to be 
appreciated that the instructions can be stored using any 
conventional storage medium, such as a diskette, CD-ROM, 
magnetic tape, digital video or versatile disk (DVD), laser 
disk, ROM, Flash memory, etc. It is also to be appreciated 
that the instructions need not be stored locally, and could be 
received from a remote storage device, such as a server on 
a network over communications interface 650, a CD ROM 
device, a floppy disk, etc. The instructions may be copied 
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from the storage device into temporary memory 620 and 
then accessed and executed by microprocessor 610. In one 
implementation, these instructions are derived from soft- 
ware routines written in the C++ programming language. It 
5 is to be appreciated that these software routines may also be 
implemented in any of a wide variety of programming 
languages. 

In alternate embodiments, the present invention is imple- 
mented in discrete hardware or firmware. For example, one 

10 or more application specific integrated circuits (ASICs) 
could be programmed with the above described functions of 
the present invention. In another example, ISS 130 could be 
implemented in one or more ASICs on an 'additional circuit 
board and the circuit board could be inserted into the 

5 hardware system of FIG. 6. 

With any one of a number of hardware systems in place, 
smart card 120 can be customized to selectively, securely, 
and conveniently disseminate virtually any information in a 
wide variety of circumstances. In one embodiment, an 

20 information category may link names, addresses, and phone 
numbers of all the immediate family members, as well as 
provide a location/key pair designating a photo album 
archive on the user's home computer. In other embodiments, 
a user could download onto the card or provide a location/ 

25 key pair to access an address book with a corresponding 
image archive. A job applicant could download a resume 
information category which includes a location/key pair 
designating the schools the applicant has attended, wherein 
a prospective employer can access the applicant's transcripts 

30 directly from the schools. At the doctor's office or the bank 
loan department, provided the doctor or bank have the 
necessary hardware, the user will never have to fill out 
another form. A car owner may create an automobile related 
category to conveniently and accurately provide his or her 

35 driver's license number and car insurance information when 
stopped by the police or after being involved in an automo- 
bile collision. A consumer may create fictitious information 
units, like a false address and telephone number, and link 
them into a consumer information category in order to avoid 
sales calls and junk mail in the future. Countless additional 
applications are possible. 

A location/key pair may also include additional param- 
eters. For instance, a location/key/info_type triple may 
indicate something about the type of information that is 

45 available at the given location using the given access key. In 
one example where the location identifies a school, the 
info_type parameter may indicate graduate transcripts. 
Additional parameter types include time stamps and access 
number indicators. Time stamps may indicate how old the 

50 information is at the given location or indicate how long the 
access key will be valid. Access number parameters may 
indicate how many times the given location can be accessed 
with the access key. A number of parameters can be included 
with each location/key pair, creating triples, quadruples, etc. 

55 Certain locations may require multiple access keys like a 
safe deposit box in a bank. If ISS 130 does not have all of 
the keys necessary to access a given location, then ISS 130 
cannot access it. For instance, access keys may be needed 
from both spouses in order to gain access to combined 

60 financial information. Medical test results stored on a hos- 
pital's computer may require the individual patient's access 
key as well as a general access key provided by the hospital. 
Dual or multiple access keys can be used anytime more than 
one party has an interest in maintaining the security of a 

65 given location. 

Anywhere there is a card reader coupled to an ISS, 
individuals can transfer information or money from one 
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entity to another or from one card to another card. Card 
readers and ISSs, therefore, can be integrated into public 
phones, cash registers, and computer terminals for easy 
access. Alternatively, card readers can utilize wireless com- 
munications. Then, as long as the card is in the general 
proximity of the card reader, information stored on the card 
can be accessed. 

Proximity reading devices, such as wireless card readers, 
make a variety of storage medium configurations possible. 
For instance, storage mediums can be integrated into 
watches, jewelry, and clothing. A storage medium can even 
be surgically implanted within a user's body, thereby greatly 
increasing security and reducing the likelihood of the stor- 
age medium being lost 

In yet another embodiment, an ISS and card reader could 
be integrated into the smart card itself. For instance, a smart 
card could include a number pad and display screen, like a 
small calculator. Then, using wireless communications, 
information could be transferred from one card directly to 
another card. 

The storage medium can be any of a number of non- 
volatile, re-writable information storage devices. For 
example, a flash electrically erasable programmable read 
only memory could be used. The storage device does not 
have to be electronic, though. For instance, magnetic 
memories, optical memories, and even biochemical memo- 
ries could be used. 

Thus, a method and apparatus for convenient, selective, 
and secure dissemination of information is described. 
Whereas many alterations and modifications of the present 
invention will be comprehended by a person skilled in the art 
after having read the foregoing description, it is to be 
understood that the particular embodiments shown and 
described by way of illustration are in no way intended to be 
considered limiting. Therefore, references to details of par- 
ticular embodiments are not intended to limit the scope of 
the claims. 

What is claimed is: 

1. A method comprising: 

accessing a machine-readable data structure stored on a 
smart card, said machine-readable data structure com- 
prising a plurality of information units, each of said 
plurality of information units being associated with at 
least one of a plurality of information categories, said 
machine-readable data structure further comprising a 
directory of the plurality of information categories; 

satisfying a first level of security associated with the 
directory; 

retrieving the directory; 

selecting at least one of the information categories from 
the directory; 

satisfying a second level of security associated with 

selected information categories; and 
downloading information units associated with the 

selected information categories. 

2. The method of claim 1 wherein the information units 
associated with the selected information categories comprise 
a location/key unit, said location/key unit to designate a 
location of an information dissemination system (IDS) and 
to provide an access key to the location, the method further 
comprising: 

establishing a connection with the location of the IDS; 
and 

accessing data stored at the IDS using the access key. 

3. The method of claim 1 wherein satisfying the first level 
of security comprises at least one of: 



30 



35 



20 



25 



35 



40 



45 



50 



55 



60 
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providing a personal identification number (PIN); aQ d 
verifying a biometric code. 

4. The method of claim 2 wherein the location/key unit 
further defines at least one of an information type for the 
data stored at the IDS and a time stamp. 

5. The method of claim 2 wherein the IDS is provided by 
at least one of a user, an employer, a credit reporting service, 
a bank, a health care provider, an insurance carrier, a former 
employer, a government institution, and an education insti- 
tution. 

6. The method of claim 2 wherein the access key is at least 
one of revocable and dynamically generated. 

7. The method of claim 2 wherein the location comprises 
at least one of a uniform resource locator (URL), an internet 
protocol (IP) address, and a telephone number. 

8. The method of claim 1 wherein the information cat- 
egories include at least one of personal information, busi- 
ness information, credit information, consumer information, 
medical information, insurance information, resume 
information, and family information. 

9. The method of claim 1 wherein the information units 
include at least one of a user's name, electronic signature, 
address, telephone numbers, credit card numbers, driver 
license number, social security number, and health insurance 
information. 

10. The method of claim 1 further comprising at least one 

of: 

storing additional information units to the portable storage 
medium; 

deleting particular information units from the portable 

storage medium; 
creating additional information categories; 
deleting particular information categories; and 
associating information units with information categories. 

11. A machine readable storage medium having stored 
thereon machine executable instructions, wherein execution 
of said machine-executable instructions is to implement a 
method comprising: 

accessing a machine-readable data structure stored on a 
smart card, said machine -readable data structure com- 
prising a plurality of information units, each of said 
plurality of information units being associated with at 
least one of a plurality of information categories, said 
machine -readable data structure further comprising a 
directory of the plurality of information categories; 

satisfying a first level of security associated with the 
directory; 

retrieving the directory; 

selecting at least one of the information categories from 
the directory; 

satisfying a second level of security associated with 

selected information categories; and 
downloading information units associated with the 

selected information categories. 

12. An apparatus comprising: 

first logic to access a machine-readable data structure 
stored on a smart card, said machine-readable data 
structure comprising a plurality of information units, 
each of said plurality of information units being asso- 
ciated with at least one of a plurality of information 
categories, said machine-readable data structure further 
comprising a directory of the plurality of information 
categories; 

second logic to satisfy a first level of security associated 
with the directory; 
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third logic to retrieve the directory; 

fourth logic to select at least one of the information 

categories from the directory; 
fifth logic to satisfy a second level of security associated 

with selected information categories; and 
sixth logic to download information units associated with 

the selected information categories. 
13. An apparatus comprising: 

a smart card to store a machine- readable data structure, 30 
said machine-readable data structure comprising a plu- 
rality of information units, each of said plurality of 
information unils being associated with at least one of 
a plurality of information categories, said machine- 
readable data structure further comprising a directory 
of the plurality of information categories; and 
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said smart card to store machine-executable instructions, 
wherein execution of said machine executable instruc- 
tions is to implement a method comprising 
initiating a first level of security associated with the 
directory; 

providing the directory if the first level of security is 
satisfied; 

receiving a selection of at least one of the information 

categories from the directory; 
initiating a second level of security associated with 

selected information categories; and 
providing information units associated with the 

selected information categories if the second level of 

security is satisfied. 

* * * * * 
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